Content Paint

Security

Millions exposed to LogoFAIL firmware flaws: Should CISOs be worried? Well, yes, honestly.

You're probably exposed to rootkit risk, because vendors wanted their logos to show during boot processes -- everything's broken, howl into the abyss, why's this security advisory on a domain like https://9443417.fs1.hubspotusercontent-na1.net anyway?

There's no zero trust if you trust the network...

"We are forced to ‘trust’ the Internet – open inbound ports on our firewalls – and then our app server, web server or API server does the final authorization inside our DMZ..."

New Relic hack

Hackers gained access to an employee account and pivoted to staging environment, but did not move laterally, company says.

CISA's going to name and shame vendors on insecure software

"When we see a vulnerability or intrusion campaign that could have been reasonably avoided if the software manufacturer had aligned to secure by design principles, we’ll call it out"

owncloud vulnerability  CVE-2023-49103

ownCloud claims 200,000 installations, 600 enterprise customers, and 200 million users with customers including the European Commission.

Boeing shares ransomware incident TTPs as Citrix Bleed attacks ramp up

Hey criminals! Fire an HTTP GET request. Grab system memory including session cookies issued post-authentication. Don't worry about logs. Pillage and loot. Thanks, Citrix.

New Relic cyber security

Incident comes weeks after the Application Performance Monitoring firm was taken private in a $6.5 billion buyout

The Big Interview: JPMorgan’s Global CISO, Pat Opet

"Industry has gotten good at identifying vulnerabilities in the supply chain; SBOMs and so on [but not at] at insidious backdoors and logic issues that are built into software, and update mechanisms that could cause implants..."

Three Windows zero days are under attack: Patch up.

"Loaded by default on just about every version of Windows, so it provides a broad attack surface"

Search the site

Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Your link has expired. Please request a new one.
Great! You've successfully signed up.
Great! You've successfully signed up.
Welcome back! You've successfully signed in.
Success! You now have access to additional content.